CVE-2025-10233 | kalcaddle kodbox 1.61 editor.class.php fileGet/fileSave path path traversal

Inserito da Angelo Barbosa | Set 10, 2025 | CVE

A vulnerability has been found in kalcaddle kodbox 1.61 and classified as critical. This affects the function fileGet/fileSave of the file app/controller/explorer/editor.class.php. The manipulation of the argument path leads to path traversal.

This vulnerability is documented as CVE-2025-10233. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10233 | kalcaddle kodbox 1.61 editor.class.php fileGet/fileSave path path traversal

Post correlati

CVE-2024-52975 | Elastic Fleet Server up to 8.14.x information disclosure

CVE-2023-42881 | Apple macOS AppleVA Remote Code Execution (HT214036)

CVE-2024-5614 | piotnetdotcom Piotnet Addons for Elementor Plugin up to 2.4.29 on WordPress pafe_posts_list information disclosure

CVE-2024-26632 | Linux Kernel up to 6.1.74/6.6.13/6.7.1 bio_first_folio null pointer dereference